WindowsBuiltInRole 列舉
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
指定與 IsInRole(String) 搭配使用的通用角色。
public enum class WindowsBuiltInRolepublic enum WindowsBuiltInRole[System.Serializable]
public enum WindowsBuiltInRole[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public enum WindowsBuiltInRoletype WindowsBuiltInRole = [<System.Serializable>]
type WindowsBuiltInRole = [<System.Serializable>]
[<System.Runtime.InteropServices.ComVisible(true)>]
type WindowsBuiltInRole = Public Enum WindowsBuiltInRole- 繼承
- 屬性
欄位
| AccountOperator | 548 | 帳戶操作員管理電腦或網域上的使用者帳戶。 |
| Administrator | 544 | 管理員已完成並解除電腦或網域的存取限制。 |
| BackupOperator | 551 | 備份操作員可以覆寫專供備份或還原檔案使用的安全性限制。 |
| Guest | 546 | Guest 的限制多於使用者。 |
| PowerUser | 547 | 進階使用者 (Power User) 除了部分限制外擁有大部分的管理使用權限。 因此,除了已認證的應用程式之外,進階使用者也可以執行舊版的應用程式。 |
| PrintOperator | 550 | 列印操作員可以取得印表機的控制。 |
| Replicator | 552 | 複寫器支援網域中的檔案複寫。 |
| SystemOperator | 549 | 系統操作員管理特定的電腦。 |
| User | 545 | 使用者無法執行無意或有意的系統級變更。 因此,使用者可以執行已認證的應用程式,但無法執行大部分的舊版應用程式。 |
範例
下列範例顯示列舉的使用 WindowsBuiltInRole 。
public:
static void DemonstrateWindowsBuiltInRoleEnum()
{
AppDomain^ myDomain = Thread::GetDomain();
myDomain->SetPrincipalPolicy( PrincipalPolicy::WindowsPrincipal );
WindowsPrincipal^ myPrincipal = dynamic_cast<WindowsPrincipal^>(Thread::CurrentPrincipal);
Console::WriteLine( "{0} belongs to: ", myPrincipal->Identity->Name );
Array^ wbirFields = Enum::GetValues( WindowsBuiltInRole::typeid );
for each ( Object^ roleName in wbirFields )
{
try
{
Console::WriteLine( "{0}? {1}.", roleName,
myPrincipal->IsInRole( *dynamic_cast<WindowsBuiltInRole^>(roleName) ) );
}
catch ( Exception^ )
{
Console::WriteLine( "{0}: Could not obtain role for this RID.",
roleName );
}
}
}
using System;
using System.Threading;
using System.Security.Permissions;
using System.Security.Principal;
class SecurityPrincipalDemo
{
public static void DemonstrateWindowsBuiltInRoleEnum()
{
AppDomain myDomain = Thread.GetDomain();
myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
WindowsPrincipal myPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal;
Console.WriteLine("{0} belongs to: ", myPrincipal.Identity.Name.ToString());
Array wbirFields = Enum.GetValues(typeof(WindowsBuiltInRole));
foreach (object roleName in wbirFields)
{
try
{
// Cast the role name to a RID represented by the WindowsBuildInRole value.
Console.WriteLine("{0}? {1}.", roleName,
myPrincipal.IsInRole((WindowsBuiltInRole)roleName));
Console.WriteLine("The RID for this role is: " + ((int)roleName).ToString());
}
catch (Exception)
{
Console.WriteLine("{0}: Could not obtain role for this RID.",
roleName);
}
}
// Get the role using the string value of the role.
Console.WriteLine("{0}? {1}.", "Administrators",
myPrincipal.IsInRole("BUILTIN\\" + "Administrators"));
Console.WriteLine("{0}? {1}.", "Users",
myPrincipal.IsInRole("BUILTIN\\" + "Users"));
// Get the role using the WindowsBuiltInRole enumeration value.
Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator,
myPrincipal.IsInRole(WindowsBuiltInRole.Administrator));
// Get the role using the WellKnownSidType.
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid));
}
public static void Main()
{
DemonstrateWindowsBuiltInRoleEnum();
}
}
Imports System.Threading
Imports System.Security.Permissions
Imports System.Security.Principal
Class SecurityPrincipalDemo
Public Shared Sub DemonstrateWindowsBuiltInRoleEnum()
Dim myDomain As AppDomain = Thread.GetDomain()
myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal)
Dim myPrincipal As WindowsPrincipal = CType(Thread.CurrentPrincipal, WindowsPrincipal)
Console.WriteLine("{0} belongs to: ", myPrincipal.Identity.Name.ToString())
Dim wbirFields As Array = [Enum].GetValues(GetType(WindowsBuiltInRole))
Dim roleName As Object
For Each roleName In wbirFields
Try
' Cast the role name to a RID represented by the WindowsBuildInRole value.
Console.WriteLine("{0}? {1}.", roleName, myPrincipal.IsInRole(CType(roleName, WindowsBuiltInRole)))
Console.WriteLine("The RID for this role is: " + Fix(roleName).ToString())
Catch
Console.WriteLine("{0}: Could not obtain role for this RID.", roleName)
End Try
Next roleName
' Get the role using the string value of the role.
Console.WriteLine("{0}? {1}.", "Administrators", myPrincipal.IsInRole("BUILTIN\" + "Administrators"))
Console.WriteLine("{0}? {1}.", "Users", myPrincipal.IsInRole("BUILTIN\" + "Users"))
' Get the role using the WindowsBuiltInRole enumeration value.
Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator, myPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
' Get the role using the WellKnownSidType.
Dim sid As New SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, Nothing)
Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid))
End Sub
Public Shared Sub Main()
DemonstrateWindowsBuiltInRoleEnum()
End Sub
End Class
備註
這些角色代表大部分 Windows NT、Windows 2000 和 Windows XP 安裝通用的本機 Windows 群組。
注意
在 Windows Vista 中,使用者帳戶控制 (UAC) 會判斷使用者的權限。 如果您是內建 Administrators 群組的成員,系統會將兩個執行階段存取語彙基元 (Token) 指派給您:標準使用者存取語彙基元及管理員存取語彙基元。 根據預設,您會屬於標準使用者角色。 當您嘗試執行需要系統管理許可權的工作時,您可以使用 [同意] 對話框動態提高角色。 執行 方法的程式 IsInRole 代碼不會顯示 [同意] 對話框。 如果您處於標準使用者角色,則程式代碼會傳回 false,即使您位於內建的 Administrators 群組中也一樣。 您可以在執行程式代碼之前,先以滑鼠右鍵按兩下應用程式圖示,並指出您想要以系統管理員身分執行,以提升許可權。
